F5: Why Enterprises Must Overcome the AI Readiness Gap
What happens when enterprises rush to implement AI without the infrastructure to support it? According to F5’s latest research, the answer could be an AI readiness gap that could pose a serious threat to scaling AI initiatives.
The company’s 2025 State of AI Application Strategy Report, based on surveys of 650 global IT leaderse, reveals that only 2% of enterprises qualify as highly ready to scale AI securely across operations: highlighting a disconnect between AI ambition and operational capability that threatens to leave most organisations vulnerable to security risks whilst limiting their ability to capitalise on AI innovations.
The research identifies three distinct categories of enterprise AI readiness. High-readiness organisations, representing just 2% of respondents, demonstrate robust governance frameworks and cross-cloud security capabilities. Moderately ready companies account for 77% of enterprises surveyed, whilst 21% fall into the low-readiness category.
Research exposes widespread AI security vulnerabilities
The security challenges associated with AI scaling present particular concerns for enterprise leaders. Despite 71% of survey respondents saying they are using AI to augment security operations, only 31% have deployed AI firewalls to protect their implementations.
- Only 2% of enterprises qualify as highly ready to scale AI securely across operations
- 71% of organisations use AI to boost security, yet only 31% have deployed AI firewalls
- Average organisation uses three different AI models, with 65% deploying multiple paid and open-source alternatives
The research also reveals that moderately ready organisations face gaps when it comes to security implementation. Only 18% of these companies have deployed AI firewalls, though 47% plan to implement such protections within the next 12 months.
Data governance is another critical vulnerability. The report finds that just 24% of organisations practice continuous data labelling: a process essential for maintaining transparency and reducing risks of attacks. This governance weakness becomes particularly concerning when combined with the hybrid cloud environments that many enterprises operate today, creating potential exposure points across multiple deployment locations.
The number of AI models in use by enterprises today threatens to compound these security challenges. The research shows that 65% of respondents use two or more paid models alongside at least one open-source alternative. The average organisation deploys three different models, with paid models such as GPT-4 featuring alongside open-source alternatives including Meta’s Llama variants, Mistral AI variants and Google’s Gemma.
F5 warns of governance and security risks
The gap between AI adoption enthusiasm and operational readiness raises questions about enterprise preparedness for AI transformation. “As AI becomes core to business strategy, readiness requires more than experimentation – it demands security, scalability and alignment,” says John Maddison, Chief Product and Corporate Marketing Officer at F5.
F5’s AI Readiness Index measures six factors of operational maturity, including security and infrastructure alignment. This framework attempts to quantify enterprise capability beyond AI deployment metrics, focusing instead on the underlying systems necessary for secure scaling.
The cross-cloud security challenge represents a particular concern for enterprises operating hybrid environments. The report identifies governance gaps that leave workflows and data exposed to vulnerabilities when AI systems operate across multiple cloud platforms.
AI is already transforming security operations
The expanded attack surface created by diverse AI model usage presents additional risks. Open-source AI tools, whilst offering cost and flexibility advantages, introduce control framework challenges that many enterprises appear unprepared to address.
How F5 helps address AI scaling challenges
The implications of widespread AI unreadiness extend beyond individual enterprise risk to broader competitive dynamics. Organisations that achieve high AI readiness can leverage innovation strategically whilst mitigating operational risks. Those without mature frameworks face operational bottlenecks, compliance challenges and constrained growth potential.
The timing of these findings coincides with accelerating AI adoption across industries. The report indicates that 70% of moderately ready organisations have generative AI in active use, with virtually all others developing implementation plans. This widespread adoption timeline suggests that the readiness gap may widen as enterprises rush to deploy AI capabilities without corresponding infrastructure investments.
“AI is already transforming security operations,” John says, “but without mature governance and purpose-built protections, enterprises risk amplifying threats.”
